zettelforge 2.6.2__tar.gz → 2.8.0__tar.gz
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/workflows/ci.yml +54 -18
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/workflows/docs.yml +2 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/workflows/publish.yml +6 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/workflows/snyk-security.yml +3 -3
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/workflows/stale.yml +1 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/ARCHITECTURE.md +13 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/CHANGELOG.md +101 -0
- zettelforge-2.8.0/GOVERNANCE.md +49 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/PKG-INFO +112 -81
- zettelforge-2.8.0/README.md +288 -0
- zettelforge-2.8.0/SCOPING_DOC.md +283 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/BENCHMARK_REPORT.md +73 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/cti_retrieval_benchmark.py +2 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/cti_retrieval_results.json +21 -21
- zettelforge-2.8.0/benchmarks/instrument_lookups.py +62 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/locomo_benchmark.py +40 -11
- zettelforge-2.8.0/benchmarks/locomo_results.json +962 -0
- zettelforge-2.8.0/benchmarks/mine_phase_timings.py +56 -0
- zettelforge-2.8.0/benchmarks/profile_recall.py +61 -0
- zettelforge-2.8.0/benchmarks/rerank_grid.py +43 -0
- zettelforge-2.8.0/benchmarks/results/session_2026-06-09/locomo_results_optimized.json +962 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/config.default.yaml +28 -1
- zettelforge-2.8.0/docs/explanation/design-philosophy-dual-hemisphere.md +159 -0
- zettelforge-2.8.0/docs/how-to/build-extensions.md +199 -0
- zettelforge-2.8.0/docs/how-to/configure-sigma-ingestion.md +183 -0
- zettelforge-2.8.0/docs/how-to/configure-yara-ingestion.md +223 -0
- zettelforge-2.8.0/docs/how-to/integrate-with-crewai.md +203 -0
- zettelforge-2.8.0/docs/how-to/integrate-with-langchain.md +210 -0
- zettelforge-2.8.0/docs/how-to/maintain-lancedb.md +82 -0
- zettelforge-2.8.0/docs/how-to/passive-osint-enrichment.md +70 -0
- zettelforge-2.8.0/docs/how-to/set-up-mcp-server.md +197 -0
- zettelforge-2.8.0/docs/how-to/use-detection-rules.md +191 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/index.md +2 -0
- zettelforge-2.8.0/docs/marketing/awesome-list-submissions.md +210 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/configuration.md +55 -2
- zettelforge-2.8.0/docs/reference/detection-rules-schema.md +416 -0
- zettelforge-2.8.0/docs/reference/editions.md +257 -0
- zettelforge-2.8.0/docs/reference/entity-indexer-concurrency.md +346 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/governance-controls.md +47 -4
- zettelforge-2.8.0/docs/reference/kg-edge-schema.md +415 -0
- zettelforge-2.8.0/docs/reference/mcp-protocol.md +723 -0
- zettelforge-2.8.0/docs/reference/sigma-schema-reference.md +367 -0
- zettelforge-2.8.0/docs/reference/yara-schema-reference.md +396 -0
- zettelforge-2.8.0/docs/rfcs/RFC-002a-retrieval-plumbing.md +214 -0
- zettelforge-2.8.0/docs/rfcs/RFC-016-osint-layer.md +413 -0
- zettelforge-2.8.0/docs/rfcs/RFC-017-memsad-write-time-defenses.md +402 -0
- zettelforge-2.8.0/docs/rfcs/RFC-018-threatrecall-next-improvements.md +255 -0
- zettelforge-2.8.0/examples/crewai_cti_crew.py +162 -0
- zettelforge-2.8.0/examples/cti_analysis.ipynb +381 -0
- zettelforge-2.8.0/examples/ingest_misp.py +467 -0
- zettelforge-2.8.0/examples/quickstart.py +35 -0
- zettelforge-2.8.0/examples/sample_misp_event.json +121 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/mkdocs.yml +26 -9
- {zettelforge-2.6.2 → zettelforge-2.8.0}/pyproject.toml +33 -3
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/__init__.py +5 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/config.py +155 -0
- zettelforge-2.8.0/src/zettelforge/enrichment_ledger.py +60 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/entity_indexer.py +96 -7
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/fact_extractor.py +11 -3
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/governance_validator.py +9 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/graph_retriever.py +37 -3
- zettelforge-2.8.0/src/zettelforge/integrations/__init__.py +22 -0
- zettelforge-2.8.0/src/zettelforge/integrations/crewai.py +368 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/intent_classifier.py +6 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/json_parse.py +7 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_client.py +13 -3
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/litellm_provider.py +36 -7
- zettelforge-2.8.0/src/zettelforge/memory_defense.py +508 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/memory_evolver.py +9 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/memory_manager.py +402 -81
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/memory_updater.py +24 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/note_constructor.py +11 -10
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/ontology.py +5 -0
- zettelforge-2.8.0/src/zettelforge/osint/THIRD_PARTY/AGE-120-pip-audit.md +51 -0
- zettelforge-2.8.0/src/zettelforge/osint/THIRD_PARTY/LICENSE-Apache-2.0.txt +201 -0
- zettelforge-2.8.0/src/zettelforge/osint/THIRD_PARTY/NOTICE +32 -0
- zettelforge-2.8.0/src/zettelforge/osint/THIRD_PARTY/PROVENANCE.md +65 -0
- zettelforge-2.8.0/src/zettelforge/osint/THIRD_PARTY/THIRD_PARTY_NOTICES.md +37 -0
- zettelforge-2.8.0/src/zettelforge/osint/__init__.py +109 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/__init__.py +5 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/breach/__init__.py +17 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/breach/breach_directory.py +46 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/breach/hibp_collector.py +167 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/financial/__init__.py +15 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/financial/wallet_collector.py +194 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/__init__.py +25 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/bgp_collector.py +124 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/cert_collector.py +124 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/dns_collector.py +274 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/port_scanner.py +109 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/infrastructure/whois_collector.py +330 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/people/__init__.py +22 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/people/holehe_collector.py +44 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/people/hunter_collector.py +54 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/people/maigret_collector.py +145 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/people/namechk_collector.py +42 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/social/__init__.py +17 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/social/hashtag_tracker.py +46 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/social/twitter_collector.py +49 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/tech/__init__.py +17 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/tech/builtwith_collector.py +53 -0
- zettelforge-2.8.0/src/zettelforge/osint/collectors/tech/wappalyzer_collector.py +56 -0
- zettelforge-2.8.0/src/zettelforge/osint/entity_resolver.py +285 -0
- zettelforge-2.8.0/src/zettelforge/osint/executor.py +543 -0
- zettelforge-2.8.0/src/zettelforge/osint/investigation.py +129 -0
- zettelforge-2.8.0/src/zettelforge/osint/ontology.py +631 -0
- zettelforge-2.8.0/src/zettelforge/osint/transform_registry.py +123 -0
- zettelforge-2.8.0/src/zettelforge/prompt_injection_guard.py +117 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/scripts/human_eval_sampler.py +2 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/scripts/telemetry_dashboard.py +1 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/ingest.py +11 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sqlite_backend.py +174 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/storage_backend.py +21 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/synthesis_generator.py +29 -10
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/telemetry.py +50 -14
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/vector_memory.py +56 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/vector_retriever.py +24 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/cccs_metadata.py +13 -10
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/ingest.py +20 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/parser.py +20 -6
- zettelforge-2.8.0/tests/test_cccs_metadata.py +51 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_conversational_entities.py +36 -0
- zettelforge-2.8.0/tests/test_crewai_integration.py +312 -0
- zettelforge-2.8.0/tests/test_defense_reference_window.py +87 -0
- zettelforge-2.8.0/tests/test_embedding_cache.py +71 -0
- zettelforge-2.8.0/tests/test_enrichment_switch.py +76 -0
- zettelforge-2.8.0/tests/test_graph_scoping.py +147 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_json_parse.py +18 -1
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_llm_client.py +6 -2
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_llm_providers.py +123 -9
- zettelforge-2.8.0/tests/test_max_tokens_budgets.py +202 -0
- zettelforge-2.8.0/tests/test_memory_defense.py +90 -0
- zettelforge-2.8.0/tests/test_memory_defense_equivalence.py +223 -0
- zettelforge-2.8.0/tests/test_memory_manager_flush.py +96 -0
- zettelforge-2.8.0/tests/test_osint_age119_gap_types.py +94 -0
- zettelforge-2.8.0/tests/test_osint_collectors.py +440 -0
- zettelforge-2.8.0/tests/test_osint_enrichers_age120.py +458 -0
- zettelforge-2.8.0/tests/test_osint_entities.py +281 -0
- zettelforge-2.8.0/tests/test_osint_entity_resolver.py +84 -0
- zettelforge-2.8.0/tests/test_osint_executor.py +274 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_performance.py +7 -3
- zettelforge-2.8.0/tests/test_prompt_injection_guard.py +104 -0
- zettelforge-2.8.0/tests/test_remember_chunked.py +72 -0
- zettelforge-2.8.0/tests/test_rerank_policy.py +103 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_sigma_ingest.py +49 -6
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_sqlite_backend.py +54 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_yara_ingest.py +45 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_yara_parser.py +14 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/search.js +16 -1
- zettelforge-2.6.2/GOVERNANCE.md +0 -24
- zettelforge-2.6.2/README.md +0 -270
- zettelforge-2.6.2/benchmarks/locomo_results.json +0 -287
- zettelforge-2.6.2/examples/quickstart.py +0 -18
- zettelforge-2.6.2/src/zettelforge/integrations/__init__.py +0 -10
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/CODEOWNERS +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/ISSUE_TEMPLATE/bug_report.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/ISSUE_TEMPLATE/feature_request.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/SECURITY.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/dependabot.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.github/pull_request_template.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/.gitignore +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/CODEOWNERS +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/CODE_OF_CONDUCT.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/CONTRIBUTING.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/CONTRIBUTORS.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/Dockerfile +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/LICENSE +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/MANIFEST.in +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/ROADMAP.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/SECURITY.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/LOCOMO_BENCHMARK_COMPARISON.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/auto_ralph.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/benchmark_harness.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/cti_benchmark_v2.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/cti_v2_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/ctibench_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/ctibench_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/dataset.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/enterprise-attack.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/evolve_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/evolve_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/graph_test.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/locomo_results_v1.3.0_baseline.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/memoryagentbench.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/memoryagentbench_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/mempalace_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/mempalace_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/naive_memory.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/opencti_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/ragas_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/ragas_cti_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/ragas_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/results/benchmark_report.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/results/ralph_optimization_log.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/scale_benchmark.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/benchmarks/scale_results.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/config.example.yaml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docker/docker-compose.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/.well-known/security.txt +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/CNAME +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/THREAT_MODEL.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/architecture-diagram.mmd +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/archive/PACKAGE_SUMMARY.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/archive/README.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/archive/SKILL.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/ZettelForge_Architecture.mmd +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/architecture-overview.mmd +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/architecture-read-path.mmd +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/architecture-write-path.mmd +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/cf-analytics.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/demo.gif +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-16.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-32.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-512.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-64.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-apple-touch.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon-old.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/favicon.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/logo.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/social-preview.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-lockup-monogram.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-lockup.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-logo-flat.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-logo-philosophy.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-logo.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/threatrecall-mark.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/zettelforge_architecture-light.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/assets/zettelforge_architecture.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/brand/brandIdentity.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/brand/colors_and_type.css +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/architecture.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/epistemic-tiers.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/llm-budgets-and-timeouts.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/stix-in-zettelforge.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/two-phase-pipeline.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/explanation/zettelkasten-philosophy.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/configure-lancedb.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/configure-opencti.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/configure-pii.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/configure-typedb.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/ingest-news-report.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/integrate-llm-agent.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/migrate-jsonl-to-sqlite.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/query-apt-tools.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/reproduce-benchmarks.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/resolve-aliases.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/run-temporal-query.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/store-threat-actor.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/troubleshoot.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/upgrade.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/how-to/use-web-interface.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/human-evaluation-rubric.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/llms.txt +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/narrative/2026-04-16-the-memory-problem.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/overrides/main.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/architecture-deep-dive.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/memory-manager-api.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/module-inventory.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/retrieval-policies.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/stix-schema.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/reference/web-api.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-001-conversational-entity-extractor.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-002-universal-llm-provider.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-003-adversarial-review.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-003-read-path-depth-routing.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-007-operational-telemetry.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-009-enrichment-pipeline-v2.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-010-enrichment-hotfix.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-011-local-llm-backend-config.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-012-litellm-unified-provider.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-013-presidio-pii-detection.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-014-content-limits.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/rfcs/RFC-015-zettelforge-web-gui.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/stylesheets/brand-tokens.css +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/stylesheets/extra.css +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/stylesheets/fonts/Neuropol.otf +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/tutorials/01-quickstart.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/docs/tutorials/02-first-cti-report.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/examples/athf_bridge.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/examples/mcp_claude_code.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/governance/controls.yaml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/pr-body.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/migrate_jsonl_to_sqlite.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/rebuild_index.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/record-demo.sh +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/typedb-setup.sh +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/zettelforge-rebuild.service +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/scripts/zettelforge-rebuild.timer +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/server.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/skills/claude-code-skill.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/skills/openclaw-skill.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/__main__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/alias_resolver.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/backend_factory.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/blended_retriever.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/cache.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/consolidation.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/demo.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/detection/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/detection/base.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/detection/consumers.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/detection/explainer.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/edition.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/extensions.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/integrations/langchain_retriever.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/knowledge_graph.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/lance_maintenance.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/base.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/local_provider.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/mock_provider.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/ollama_provider.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/llm_providers/registry.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/log.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/mcp/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/mcp/__main__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/mcp/server.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/memory_store.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/note_schema.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/observability.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/ocsf.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/pii_validator.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/retry.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/scripts/compact_lance.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/scripts/telemetry_aggregator.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/cli.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/entities.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/parser.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/schemas/NOTICE.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/schemas/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/schemas/sigma-correlation-rules-schema.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/schemas/sigma-detection-rule-schema.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/schemas/sigma-filters-schema.json +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/sigma/tags.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/synthesis_validator.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/cli.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/entities.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/schemas/CCCS_YARA.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/schemas/CCCS_YARA_values.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/schemas/NOTICE.md +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/schemas/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/src/zettelforge/yara/tags.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/__init__.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/benchmark_scale.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/conftest.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/sigma/cloud_example.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/sigma/correlation_example.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/sigma/process_creation_example.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/sigma/tagged_example.yml +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/yara/malware_hash.yar +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/yara/technique_loader.yar +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/fixtures/yara/webshell.yar +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_basic.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_blended_retriever.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_causal_extraction.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_config.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_consolidation.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_core.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_cti_integration.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_detection_explainer.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_detection_rule_entities.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_edition.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_embedding.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_entity_indexer_races.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_extensions.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_fact_extractor.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_governance.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_governance_spec_drift.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_graph_retriever.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_human_eval_sampler.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_intent_classifier.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_kg_edge_schema.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_lance_maintenance.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_langchain_retriever.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_logging_compliance.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_mcp_server.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_memory_evolver.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_memory_updater.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_pii_validator.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_recall_integration.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_sigma_entities.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_sigma_parser.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_sqlite_integration.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_storage_backend.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_telemetry_aggregator.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_telemetry_collector.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_telemetry_dashboard.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_telemetry_integration.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_temporal_graph.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_two_phase_e2e.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_typedb_client.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_web_api.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/tests/test_yara_entities.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/app.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/auth.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/mcp_server.py +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/static/css/design_tokens.css +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/base.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/components/remember_panel.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/components/result_card.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/components/search_bar.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/components/synthesis_block.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/components/tab_bar.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/config_editor.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/templates/index.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/favicon-16.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/favicon-32.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/favicon-512.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/favicon-apple-touch.png +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/logo.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/threatrecall-lockup.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/assets/zettelforge_architecture.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/colors_and_type.css +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/favicon.svg +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/fonts/Neuropol.otf +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/index.html +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/app.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/header.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/result-card.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/sidebar.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/spinner.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/tabs.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/components/toast.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/lib/api.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/lib/state.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/configuration.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/dashboard.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/entities.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/history.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/ingest.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/knowledge-graph.js +0 -0
- {zettelforge-2.6.2 → zettelforge-2.8.0}/web/ui/js/views/logs.js +0 -0
|
@@ -13,10 +13,10 @@ jobs:
|
|
|
13
13
|
lint:
|
|
14
14
|
runs-on: ubuntu-latest
|
|
15
15
|
steps:
|
|
16
|
-
- uses: actions/checkout@
|
|
16
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
17
17
|
|
|
18
18
|
- name: Set up Python
|
|
19
|
-
uses: actions/setup-python@
|
|
19
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
20
20
|
with:
|
|
21
21
|
python-version: '3.12'
|
|
22
22
|
|
|
@@ -35,13 +35,13 @@ jobs:
|
|
|
35
35
|
pip-audit:
|
|
36
36
|
runs-on: ubuntu-latest
|
|
37
37
|
steps:
|
|
38
|
-
- uses: actions/checkout@
|
|
38
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
39
39
|
- name: Set up Python
|
|
40
|
-
uses: actions/setup-python@
|
|
40
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
41
41
|
with:
|
|
42
42
|
python-version: '3.12'
|
|
43
43
|
- name: Install pip-audit
|
|
44
|
-
run: pip install pip-audit
|
|
44
|
+
run: pip install pip-audit==2.9.0
|
|
45
45
|
- name: Audit dependencies (any reported vuln blocks)
|
|
46
46
|
run: |
|
|
47
47
|
pip install -e ".[dev]" || pip install -e "."
|
|
@@ -49,7 +49,7 @@ jobs:
|
|
|
49
49
|
# --ignore-vuln=CVE-... with a citation when the finding is
|
|
50
50
|
# explicitly accepted per GOV-009 §"Vulnerability Response".
|
|
51
51
|
#
|
|
52
|
-
# CVE-2026-3219: vulnerability in `pip` itself (the package
|
|
52
|
+
# CVE-2026-3219 / PYSEC-2026-196: vulnerability in `pip` itself (the package
|
|
53
53
|
# manager), not a project dependency. The runner's pip is
|
|
54
54
|
# supplied by GitHub's setup-python image and is not something
|
|
55
55
|
# ZettelForge's pyproject can pin or upgrade. Risk-accepted
|
|
@@ -57,25 +57,59 @@ jobs:
|
|
|
57
57
|
# install, not at runtime; CI builds in ephemeral runners with
|
|
58
58
|
# no persistent state. Re-evaluate when GitHub's images ship a
|
|
59
59
|
# patched pip.
|
|
60
|
-
|
|
61
|
-
|
|
60
|
+
#
|
|
61
|
+
# CVE-2023-36464 / GHSA-4vvm-4w3v-6mr8: medium-severity
|
|
62
|
+
# infinite-loop DoS in PyPDF2 3.0.1, introduced transitively by
|
|
63
|
+
# Maigret. PyPDF2 has no patched release under that package name
|
|
64
|
+
# (upstream recommends migrating to pypdf>=3.9.0), and ZettelForge's
|
|
65
|
+
# AGE-120 username collector does not parse attacker-supplied PDFs or
|
|
66
|
+
# invoke Maigret report generation. Accepted for AGE-120 because the
|
|
67
|
+
# GOV-009 blocking threshold is HIGH/CRITICAL and the collector
|
|
68
|
+
# lazy-imports/fails closed.
|
|
69
|
+
#
|
|
70
|
+
# --skip-editable: do not audit the editable local zettelforge
|
|
71
|
+
# install. It is the project itself, not a third-party dependency,
|
|
72
|
+
# and on a release-prep PR its version is bumped ahead of PyPI
|
|
73
|
+
# (e.g. 2.8.0 before publish), so pip-audit cannot resolve it.
|
|
74
|
+
#
|
|
75
|
+
# --strict is intentionally NOT used: it fails the run whenever a
|
|
76
|
+
# distribution can't be audited, which includes the editable
|
|
77
|
+
# package we deliberately skip ("distribution marked as editable").
|
|
78
|
+
# pip-audit still exits non-zero on any real reported vulnerability,
|
|
79
|
+
# so the "any reported vuln blocks" gate is preserved; every
|
|
80
|
+
# third-party dependency (and the runner's pip) is still audited.
|
|
81
|
+
pip-audit --skip-editable \
|
|
82
|
+
--ignore-vuln=CVE-2026-3219 \
|
|
83
|
+
--ignore-vuln=PYSEC-2026-196 \
|
|
84
|
+
--ignore-vuln=CVE-2023-36464
|
|
62
85
|
|
|
63
86
|
test:
|
|
64
87
|
runs-on: ubuntu-latest
|
|
65
88
|
needs: lint
|
|
66
89
|
strategy:
|
|
67
90
|
fail-fast: false
|
|
91
|
+
# The fastembed model download is shared across Python versions. Running
|
|
92
|
+
# these jobs in parallel can double-hit HuggingFace and trigger 429s.
|
|
93
|
+
max-parallel: 1
|
|
68
94
|
matrix:
|
|
69
95
|
python-version: ['3.12', '3.13']
|
|
70
96
|
|
|
71
97
|
steps:
|
|
72
|
-
- uses: actions/checkout@
|
|
98
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
73
99
|
|
|
74
100
|
- name: Set up Python ${{ matrix.python-version }}
|
|
75
|
-
uses: actions/setup-python@
|
|
101
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
76
102
|
with:
|
|
77
103
|
python-version: ${{ matrix.python-version }}
|
|
78
104
|
|
|
105
|
+
- name: Cache fastembed model
|
|
106
|
+
uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830
|
|
107
|
+
with:
|
|
108
|
+
path: |
|
|
109
|
+
~/.cache/fastembed
|
|
110
|
+
~/.cache/huggingface
|
|
111
|
+
key: fastembed-nomic-embed-text-v1.5-Q-${{ runner.os }}
|
|
112
|
+
|
|
79
113
|
- name: Install dependencies
|
|
80
114
|
run: |
|
|
81
115
|
python -m pip install --upgrade pip
|
|
@@ -102,19 +136,21 @@ jobs:
|
|
|
102
136
|
|
|
103
137
|
- name: Upload coverage
|
|
104
138
|
if: matrix.python-version == '3.12'
|
|
105
|
-
|
|
106
|
-
|
|
107
|
-
|
|
108
|
-
|
|
139
|
+
continue-on-error: true
|
|
140
|
+
env:
|
|
141
|
+
CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
|
|
142
|
+
run: |
|
|
143
|
+
python -m pip install codecov-cli
|
|
144
|
+
codecovcli upload-process -f ./coverage.xml
|
|
109
145
|
|
|
110
146
|
governance:
|
|
111
147
|
runs-on: ubuntu-latest
|
|
112
148
|
needs: lint
|
|
113
149
|
steps:
|
|
114
|
-
- uses: actions/checkout@
|
|
150
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
115
151
|
|
|
116
152
|
- name: Set up Python
|
|
117
|
-
uses: actions/setup-python@
|
|
153
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
118
154
|
with:
|
|
119
155
|
python-version: '3.12'
|
|
120
156
|
|
|
@@ -139,10 +175,10 @@ jobs:
|
|
|
139
175
|
needs: [test, governance]
|
|
140
176
|
|
|
141
177
|
steps:
|
|
142
|
-
- uses: actions/checkout@
|
|
178
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
143
179
|
|
|
144
180
|
- name: Set up Python
|
|
145
|
-
uses: actions/setup-python@
|
|
181
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
146
182
|
with:
|
|
147
183
|
python-version: '3.12'
|
|
148
184
|
|
|
@@ -14,8 +14,8 @@ jobs:
|
|
|
14
14
|
deploy:
|
|
15
15
|
runs-on: ubuntu-latest
|
|
16
16
|
steps:
|
|
17
|
-
- uses: actions/checkout@
|
|
18
|
-
- uses: actions/setup-python@
|
|
17
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
18
|
+
- uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
19
19
|
with:
|
|
20
20
|
python-version: '3.12'
|
|
21
21
|
- run: pip install mkdocs-material
|
|
@@ -6,15 +6,19 @@ on:
|
|
|
6
6
|
|
|
7
7
|
jobs:
|
|
8
8
|
publish:
|
|
9
|
+
# Package-only releases (for example packages-v0.1.0) are not
|
|
10
|
+
# Python package releases and must not attempt a PyPI upload.
|
|
11
|
+
if: startsWith(github.event.release.tag_name, 'v')
|
|
9
12
|
runs-on: ubuntu-latest
|
|
10
13
|
permissions:
|
|
14
|
+
contents: read
|
|
11
15
|
id-token: write # trusted publishing
|
|
12
16
|
|
|
13
17
|
steps:
|
|
14
|
-
- uses: actions/checkout@
|
|
18
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
15
19
|
|
|
16
20
|
- name: Set up Python
|
|
17
|
-
uses: actions/setup-python@
|
|
21
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
18
22
|
with:
|
|
19
23
|
python-version: '3.12'
|
|
20
24
|
|
|
@@ -17,10 +17,10 @@ jobs:
|
|
|
17
17
|
actions: read
|
|
18
18
|
runs-on: ubuntu-latest
|
|
19
19
|
steps:
|
|
20
|
-
- uses: actions/checkout@
|
|
20
|
+
- uses: actions/checkout@9c091bb21b7c1c1d1991bb908d89e4e9dddfe3e0
|
|
21
21
|
|
|
22
22
|
- name: Set up Python
|
|
23
|
-
uses: actions/setup-python@
|
|
23
|
+
uses: actions/setup-python@ece7cb06caefa5fff74198d8649806c4678c61a1
|
|
24
24
|
with:
|
|
25
25
|
python-version: '3.12'
|
|
26
26
|
|
|
@@ -65,7 +65,7 @@ jobs:
|
|
|
65
65
|
|
|
66
66
|
- name: Upload SARIF to GitHub
|
|
67
67
|
if: steps.check_token.outputs.has_token == 'true'
|
|
68
|
-
uses: github/codeql-action/upload-sarif@
|
|
68
|
+
uses: github/codeql-action/upload-sarif@8aad20d150bbac5944a9f9d289da16a4b0d87c1e
|
|
69
69
|
with:
|
|
70
70
|
sarif_file: snyk-code.sarif
|
|
71
71
|
continue-on-error: true
|
|
@@ -3,6 +3,19 @@
|
|
|
3
3
|
Visual diagram: [`docs/architecture-diagram.mmd`](docs/architecture-diagram.mmd)
|
|
4
4
|
Deep explanation: [`docs/explanation/architecture.md`](docs/explanation/architecture.md)
|
|
5
5
|
|
|
6
|
+
## Foundational Model: Two Hemispheres
|
|
7
|
+
|
|
8
|
+
ZettelForge is modeled on the brain. A symbolic left hemisphere (the typed,
|
|
9
|
+
STIX-aligned knowledge graph with schema enforcement and rule-based inference) is
|
|
10
|
+
the precise, explainable authority of record. An associative right hemisphere
|
|
11
|
+
(blended vector and graph retrieval with GraphRAG and agentic synthesis) explores
|
|
12
|
+
and proposes. Underneath both, knowledge is atomic facts connected by directed,
|
|
13
|
+
time-stamped, pairwise associations, with time and provenance as first-class
|
|
14
|
+
primitives (Cognitive Data Model, Pieris 2025). The components below implement
|
|
15
|
+
this model. See [design philosophy](docs/explanation/design-philosophy-dual-hemisphere.md)
|
|
16
|
+
for the rationale and research basis, and [GOVERNANCE.md](GOVERNANCE.md) for the
|
|
17
|
+
binding design commitment.
|
|
18
|
+
|
|
6
19
|
## Storage
|
|
7
20
|
|
|
8
21
|
ZettelForge uses a `StorageBackend` ABC (33 methods) with pluggable
|
|
@@ -6,6 +6,107 @@ Versioning follows [Semantic Versioning](https://semver.org/).
|
|
|
6
6
|
|
|
7
7
|
## [Unreleased]
|
|
8
8
|
|
|
9
|
+
## [2.8.0] - 2026-06-26
|
|
10
|
+
|
|
11
|
+
Feature release. Extends the RFC-016 OSINT layer with passive ingest and
|
|
12
|
+
live AGE-120 enrichers, adds AGE-127 prompt-injection /
|
|
13
|
+
retrieval-poisoning guardrails across the memory pipeline, and lays the
|
|
14
|
+
RFC-018 Phase 0 enrichment job ledger foundation, alongside configurable
|
|
15
|
+
LLM generation budgets and bulk detection-ingest hardening. No data
|
|
16
|
+
migration is required.
|
|
17
|
+
|
|
18
|
+
### Added
|
|
19
|
+
|
|
20
|
+
- **Prompt-injection and retrieval-poisoning guardrails** (AGE-127). A
|
|
21
|
+
deterministic guard for untrusted memory and CTI text, wired into the
|
|
22
|
+
remember, recall, synthesis, fact-extraction, entity-indexing,
|
|
23
|
+
note-construction, intent-classification, memory-update, and evolution
|
|
24
|
+
boundaries. LLM prompts are hardened to treat query and context text as
|
|
25
|
+
untrusted evidence. (#166)
|
|
26
|
+
- **Passive OSINT executor** (RFC-016 Phase 1.5). Validates collector
|
|
27
|
+
tuples and persists knowledge-graph writes; scopes OSINT alias caching to
|
|
28
|
+
each `KnowledgeGraph` instance; canonicalizes Organization values to
|
|
29
|
+
avoid WHOIS/RDAP duplicates; treats an explicit empty collector
|
|
30
|
+
allow-list as empty; adds user-facing passive OSINT docs and mkdocs
|
|
31
|
+
navigation. (#163)
|
|
32
|
+
- **Live OSINT enrichers** (AGE-120). Native RFC-016 collectors that feed
|
|
33
|
+
the graph backend: WHOIS/DNS, maigret/sherlock username discovery, HIBP
|
|
34
|
+
breach lookup, and blockchain wallet transactions, with OSINT
|
|
35
|
+
ontology / executor / entity-resolution / graph-persistence extensions.
|
|
36
|
+
The network collectors are an opt-in `[osint]` extra, key-gated and
|
|
37
|
+
fail-closed, and are never auto-triggered by `remember()`. Known
|
|
38
|
+
fast-follow robustness items are tracked in #176. (#167)
|
|
39
|
+
- **RFC-018 Phase 0 enrichment job ledger.** Durable SQLite job-metadata
|
|
40
|
+
foundation with `MemoryManager` queue-state recording and regression
|
|
41
|
+
tests, plus the RFC-018 spec for the next ingestion, enrichment,
|
|
42
|
+
parser-safety, metadata-policy, operator-health, and release-train
|
|
43
|
+
improvements. (#178)
|
|
44
|
+
- Configurable LLM generation budgets for causal extraction, synthesis,
|
|
45
|
+
fact extraction, NER, and memory evolution, plus `reasoning_model` scaling
|
|
46
|
+
floors and `<think>` / `<thinking>` JSON parse stripping. (#153)
|
|
47
|
+
- Bulk Sigma/YARA ingest can defer enrichment and drain once via
|
|
48
|
+
`MemoryManager.flush()`. (#153)
|
|
49
|
+
|
|
50
|
+
### Fixed
|
|
51
|
+
|
|
52
|
+
- Hardened CCCS YARA metadata validation against multiline regex injection
|
|
53
|
+
and overly permissive author values. (#153)
|
|
54
|
+
- `MemoryManager.flush()` now waits for in-flight enrichment work, not only
|
|
55
|
+
queued work; cached `Plyara` parsing is serialized for concurrent callers. (#153)
|
|
56
|
+
|
|
57
|
+
## [2.7.0] - 2026-05-26
|
|
58
|
+
|
|
59
|
+
Security and OSINT release. Adds the RFC-016 OSINT layer and the first
|
|
60
|
+
SEC-011 / MemSAD-inspired write-time memory-poisoning defense. No data
|
|
61
|
+
migration is required. The new memory defense ships in audit mode by default.
|
|
62
|
+
|
|
63
|
+
### Added
|
|
64
|
+
|
|
65
|
+
- **OSINT layer scaffold and Phase 1 collectors** (RFC-016). Adds
|
|
66
|
+
`zettelforge.osint` with infrastructure, breach, people, social, and
|
|
67
|
+
technology collector packages; OSINT ontology and relation extensions;
|
|
68
|
+
entity canonicalization helpers; collector registry; and tests covering
|
|
69
|
+
DNS, WHOIS, certificates, BGP, ports, breach, people, social, and tech
|
|
70
|
+
collector contracts. Optional runtime dependencies are available with
|
|
71
|
+
`pip install zettelforge[osint]`.
|
|
72
|
+
- **Write-time memory anomaly defense** (SEC-011 / MemSAD). New
|
|
73
|
+
`MemoryAnomalyGate` scores candidate notes before persistence using
|
|
74
|
+
MemSAD-style max/mean embedding similarity against recent domain
|
|
75
|
+
calibration notes plus character n-gram Jensen-Shannon divergence to
|
|
76
|
+
reduce synonym/paraphrase evasion. Config lives under
|
|
77
|
+
`governance.memory_defense`; default mode is `audit`, with `block` and
|
|
78
|
+
`quarantine` available once a deployment has a clean calibration corpus.
|
|
79
|
+
- **Quarantine path for rejected memory writes.** In `quarantine` mode,
|
|
80
|
+
flagged notes are written to JSONL forensic quarantine and are not exposed
|
|
81
|
+
to recall, entity lookup, LanceDB, or graph traversal.
|
|
82
|
+
- **CrewAI integration** (issue #40). New optional extra
|
|
83
|
+
`pip install zettelforge[crewai]` exposes `ZettelForgeRecallTool`,
|
|
84
|
+
`ZettelForgeRememberTool`, and `ZettelForgeSynthesizeTool` as CrewAI
|
|
85
|
+
`BaseTool` subclasses. CTI-focused crews can now use ZettelForge as a
|
|
86
|
+
drop-in alternative to CrewAI's existing Mem0 memory tools, with
|
|
87
|
+
per-tool description copy aimed at routing the LLM to the right tool
|
|
88
|
+
(recall for lookups, remember for findings, synthesize for final answers).
|
|
89
|
+
See `examples/crewai_cti_crew.py` for a runnable two-agent demo.
|
|
90
|
+
Tests gated on `pytest.importorskip("crewai")`; 11 pass against
|
|
91
|
+
crewai 1.14.x.
|
|
92
|
+
|
|
93
|
+
### Changed
|
|
94
|
+
|
|
95
|
+
- **Telemetry attribution compatibility.** `caller` is now supported in
|
|
96
|
+
telemetry events while the previous `actor` field and method arguments
|
|
97
|
+
remain backward-compatible for existing dashboards and tests.
|
|
98
|
+
- **Real LLM integration and performance tests are explicit opt-in.**
|
|
99
|
+
Set `ZETTELFORGE_RUN_LLM_INTEGRATION=1` or
|
|
100
|
+
`ZETTELFORGE_RUN_PERFORMANCE_TESTS=1` to run environment-sensitive suites.
|
|
101
|
+
The default regression suite is now deterministic on machines without
|
|
102
|
+
local LLM credentials or dedicated benchmark hardware.
|
|
103
|
+
|
|
104
|
+
### Tests
|
|
105
|
+
|
|
106
|
+
- Added focused memory-defense tests for insufficient calibration, audit-mode
|
|
107
|
+
anomaly detection, and quarantine writes.
|
|
108
|
+
- Default regression gate: `742 passed, 13 skipped`.
|
|
109
|
+
|
|
9
110
|
## [2.6.2] - 2026-04-27
|
|
10
111
|
|
|
11
112
|
UI/UX release. Fixes the `/config` page so the Apply button actually works
|
|
@@ -0,0 +1,49 @@
|
|
|
1
|
+
# Governance
|
|
2
|
+
|
|
3
|
+
## Maintainer
|
|
4
|
+
|
|
5
|
+
ZettelForge is maintained by Patrick Roland (@rolandpg).
|
|
6
|
+
|
|
7
|
+
## Licensing Commitment
|
|
8
|
+
|
|
9
|
+
ZettelForge is MIT licensed. This will not change.
|
|
10
|
+
|
|
11
|
+
## Design Commitment: Brain-Inspired Memory Architecture
|
|
12
|
+
|
|
13
|
+
ZettelForge is modeled on the brain by deliberate decision, not metaphor. This
|
|
14
|
+
commitment is binding on the architecture and will not be quietly abandoned.
|
|
15
|
+
|
|
16
|
+
The memory engine is dual-hemisphere. A symbolic left hemisphere (a typed,
|
|
17
|
+
STIX/ATT&CK-aligned knowledge graph with schema enforcement and rule-based
|
|
18
|
+
inference) is the authority of record: precise, constraint-checked, and
|
|
19
|
+
explainable. An associative right hemisphere (blended vector and graph retrieval,
|
|
20
|
+
GraphRAG, and agentic synthesis) explores and proposes, and writes back into the
|
|
21
|
+
symbolic layer only through validated paths. The two layers stay distinct.
|
|
22
|
+
|
|
23
|
+
Underneath both, knowledge is represented as atomic facts connected by directed,
|
|
24
|
+
time-stamped, pairwise associations (the Cognitive Data Model, Pieris 2025). Time
|
|
25
|
+
and provenance are first-class primitives: every note and claim carries its
|
|
26
|
+
source, markings (TLP), confidence, and time validity, and every retrieval result
|
|
27
|
+
carries provenance. Ingested content is untrusted and is sanitized or isolated
|
|
28
|
+
before any model call. Quantitative quality or performance claims are reproduced
|
|
29
|
+
on the project's own CTI benchmark suite before being stated as fact.
|
|
30
|
+
|
|
31
|
+
Changes to storage, retrieval, the knowledge graph, or ingestion MUST preserve
|
|
32
|
+
this model, and design decisions SHOULD cite the relevant hemisphere or layer.
|
|
33
|
+
The full rationale and research basis are in
|
|
34
|
+
[docs/explanation/design-philosophy-dual-hemisphere.md](docs/explanation/design-philosophy-dual-hemisphere.md).
|
|
35
|
+
|
|
36
|
+
## Extension Boundary
|
|
37
|
+
|
|
38
|
+
The extension package (`zettelforge-enterprise`) provides features
|
|
39
|
+
that require external infrastructure (TypeDB, OpenCTI, multi-tenant
|
|
40
|
+
OAuth). The open source project will never be degraded to create
|
|
41
|
+
commercial incentive.
|
|
42
|
+
|
|
43
|
+
Rule: if a feature works with JSONL + local embeddings, it belongs
|
|
44
|
+
in this repo.
|
|
45
|
+
|
|
46
|
+
## Contributions
|
|
47
|
+
|
|
48
|
+
Community contributions are reviewed on their technical merits.
|
|
49
|
+
All contributions to this repository remain MIT licensed.
|